Information Security Engineer

Job offer – Information Security Engineer (Medior)

Context and objective

An international technology company operating in the media sector is looking for an Information Security Engineer to join the IT Security team within the corporate IT department. The role focuses on operational cybersecurity activities, vulnerability management, security monitoring, incident response support, security assessments, and continuous improvement of security controls.

This is a hands-on role combining technical expertise, operational follow-up, coordination, and continuous improvement. The position is part of a structured cybersecurity and compliance programme in the context of NIS2 obligations under Belgian law and the implementation of ISO/IEC 27001:2022 certification, with a target of April 2027. The consultant/employee will contribute directly to control implementation, evidence production, and audit readiness across the corporate IT perimeter.

Practical information

• Location: Seraing (Liège), Belgium
• Contract type: open to freelance consultant or permanent employee, depending on profile
• Start date: as soon as possible
• Remote work: hybrid model with 2 days per week remote and 3 days on site
• Travel: no travel required
• Reporting line: CyberSec Operations Manager
• Working language: French for day-to-day team interactions, with professional English required for documentation, tools, and international stakeholders
• Team context: the IT Security team is being structured and scaled, in a build environment rather than a steady-state operation

Main responsibilities

Security Operations & Monitoring
• Monitor and investigate security alerts across multiple security platforms
• Participate in incident response activities and support the coordination of security investigations
• Improve and tune detection capabilities and monitoring use cases
• Support the development and maintenance of operational security procedures and playbooks
• Perform operational security reviews and follow-up activities

Vulnerability & Exposure Management
• Coordinate vulnerability scanning activities and ensure findings are reviewed and prioritized
• Follow up remediation actions with infrastructure, platform, application, and support teams
• Track remediation progress and escalate overdue actions when required
• Coordinate external penetration tests and security assessments
• Ensure findings from assessments and pentests are documented, tracked, and remediated

Security Assessments & Risk Management
• Perform security reviews of applications, services, and technical solutions
• Contribute to risk assessments for new projects, technologies, and providers
• Review security configurations and identify improvement opportunities
• Support the identification and management of security risks across the IT environment

Security Governance & Reporting
• Maintain and monitor operational security KPIs and dashboards
• Support reporting related to vulnerabilities, incidents, security posture, and remediation efforts
• Participate in periodic reviews of user access, privileged accounts, and security controls
• Contribute to compliance activities and implementation of security requirements related to ISO/IEC 27001:2022 and NIS2
• Produce and maintain auditable evidence of security control operations, including logs, reports, review records, and remediation closure evidence

Security Improvement & Automation
• Identify opportunities to improve security controls and operational processes
• Contribute to automation initiatives to reduce manual activities
• Leverage available security tooling capabilities, including built-in analytics and automation features, to improve detection quality and reduce manual effort
• Maintain security documentation, processes, and operational procedures

Collaboration & Security Advisory
• Provide security guidance and support to IT teams and project stakeholders
• Work closely with Infrastructure and Workplace teams to improve overall security posture
• Promote security best practices and support awareness initiatives
• Stay informed about emerging threats, vulnerabilities, and cybersecurity trends

Profile required

Experience
• Minimum 3 years of experience in cybersecurity, security operations, vulnerability management, or a related technical security role
• Experience in security monitoring, incident handling, or vulnerability management
• Experience working with security tools and operational security processes

Technical knowledge
• Understanding of security monitoring and incident response principles
• Knowledge of vulnerability management processes and risk-based remediation prioritization, including CVSS scores, asset criticality, exploitability context, and compensating controls
• Hands-on experience with Microsoft Defender XDR suite: Defender for Endpoint, Defender for Office 365 / Exchange Online Protection, and Defender for Identity
• Familiarity with Microsoft Sentinel or an equivalent SIEM platform; deployment experience is a strong asset
• Understanding of Entra ID governance, including Conditional Access, Identity Protection, and Privileged Identity Management (PIM)
• Familiarity with Microsoft Intune and Microsoft Purview
• Understanding of network security fundamentals, including firewall management with Palo Alto or FortiGate, log forwarding, and network segmentation principles
• Familiarity with security frameworks and best practices such as ISO/IEC 27001, NIST CSF, and CIS Controls

Personal skills
• Strong analytical and problem-solving mindset
• Organized, structured, and detail-oriented
• Ability to work independently while collaborating effectively with different teams
• Curious, proactive, and willing to continuously learn new technologies and security trends
• Strong communication and coordination skills
• Practical and solution-oriented team player

Languages
• Fluent French
• Professional English required

Nice to have certifications
• SC-200 — Microsoft Security Operations Analyst
• SC-300 — Microsoft Identity and Access Administrator
• CompTIA Security+ or CySA+
• ISO/IEC 27001 Lead Implementer or Lead Auditor

Expected deliverables

• Security alert monitoring and investigation follow-up
• Incident response support and investigation coordination
• Vulnerability tracking and remediation follow-up
• Security reviews, risk assessment contributions, and assessment follow-up
• Operational security KPIs, dashboards, and reporting
• Auditable evidence for control operation and ISO/IEC 27001:2022 readiness
• Updated security procedures, playbooks, documentation, and process improvements

Compétences / Qualités indispensables:
Security operations & monitoring,
Vulnerability management,
Incident response,
Microsoft Defender XDR & Sentinel,
Entra ID security governance,
French and professional English

Compétences / Qualités qui seraient un +:
SC-200, SC-300, CompTIA Security+ or CySA+
ISO/IEC 27001 Lead Implementer or Lead Auditor